? bak
? ufs_extattr.c_fix_some_susers_and_vnops_options_et_al
Index: ufs_lookup.c
===================================================================
RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_lookup.c,v
retrieving revision 1.39
diff -u -r1.39 ufs_lookup.c
--- ufs_lookup.c	2000/09/17 07:26:42	1.39
+++ ufs_lookup.c	2000/09/18 15:52:20
@@ -476,7 +476,7 @@
 		 * implements append-only directories.
 		 */
 		if ((dp->i_mode & ISVTX) &&
-		    cred->cr_uid != 0 &&
+		    suser_xxx(cred, p, PRISON_ROOT) &&
 		    cred->cr_uid != dp->i_uid &&
 		    VTOI(tdp)->i_uid != cred->cr_uid) {
 			vput(tdp);
Index: ufs_quota.c
===================================================================
RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_quota.c,v
retrieving revision 1.36
diff -u -r1.36 ufs_quota.c
--- ufs_quota.c	2000/07/28 22:28:05	1.36
+++ ufs_quota.c	2000/09/18 15:52:21
@@ -147,7 +147,7 @@
 		}
 		return (0);
 	}
-	if ((flags & FORCE) == 0 && cred->cr_uid != 0) {
+	if ((flags & FORCE) == 0 && suser_xxx(cred, NULL, 0)) {
 		for (i = 0; i < MAXQUOTAS; i++) {
 			if ((dq = ip->i_dquot[i]) == NODQUOT)
 				continue;
@@ -268,7 +268,7 @@
 		}
 		return (0);
 	}
-	if ((flags & FORCE) == 0 && cred->cr_uid != 0) {
+	if ((flags & FORCE) == 0 && suser_xxx(cred, NULL, 0)) {
 		for (i = 0; i < MAXQUOTAS; i++) {
 			if ((dq = ip->i_dquot[i]) == NODQUOT)
 				continue;
Index: ufs_readwrite.c
===================================================================
RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_readwrite.c,v
retrieving revision 1.68
diff -u -r1.68 ufs_readwrite.c
--- ufs_readwrite.c	2000/04/17 03:37:13	1.68
+++ ufs_readwrite.c	2000/09/18 15:52:22
@@ -514,7 +514,8 @@
 	 * we clear the setuid and setgid bits as a precaution against
 	 * tampering.
 	 */
-	if (resid > uio->uio_resid && ap->a_cred && ap->a_cred->cr_uid != 0)
+	if (resid > uio->uio_resid && ap->a_cred && 
+	    suser_xxx(ap->a_cred, NULL, PRISON_ROOT))
 		ip->i_mode &= ~(ISUID | ISGID);
 	if (resid > uio->uio_resid)
 		VN_KNOTE(vp, NOTE_WRITE | (extended ? NOTE_EXTEND : 0));
Index: ufs_vnops.c
===================================================================
RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_vnops.c,v
retrieving revision 1.144
diff -u -r1.144 ufs_vnops.c
--- ufs_vnops.c	2000/09/16 18:20:27	1.144
+++ ufs_vnops.c	2000/09/18 15:52:23
@@ -411,7 +411,7 @@
 		if (cred->cr_uid != ip->i_uid &&
 		    (error = suser_xxx(cred, p, PRISON_ROOT)))
 			return (error);
-		if ((cred->cr_uid == 0) && (p->p_prison == NULL)) {
+		if (!suser_xxx(cred, NULL, 0)) {
 			if ((ip->i_flags
 			    & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) &&
 			    securelevel > 0)
@@ -527,7 +527,7 @@
 	    if (error)
 		return (error);
 	}
-	if (cred->cr_uid) {
+	if (suser_xxx(cred, NULL, PRISON_ROOT)) {
 		if (vp->v_type != VDIR && (mode & S_ISTXT))
 			return (EFTYPE);
 		if (!groupmember(ip->i_gid, cred) && (mode & ISGID))
@@ -638,7 +638,7 @@
 		panic("ufs_chown: lost quota");
 #endif /* QUOTA */
 	ip->i_flag |= IN_CHANGE;
-	if (cred->cr_uid != 0 && (ouid != uid || ogid != gid))
+	if (suser_xxx(cred, NULL, 0) && (ouid != uid || ogid != gid))
 		ip->i_mode &= ~(ISUID | ISGID);
 	return (0);
 }
@@ -1093,7 +1093,8 @@
 		 * otherwise the destination may not be changed (except by
 		 * root). This implements append-only directories.
 		 */
-		if ((dp->i_mode & S_ISTXT) && tcnp->cn_cred->cr_uid != 0 &&
+		if ((dp->i_mode & S_ISTXT) &&
+		    suser_xxx(tcnp->cn_cred, NULL, 0) &&
 		    tcnp->cn_cred->cr_uid != dp->i_uid &&
 		    xp->i_uid != tcnp->cn_cred->cr_uid) {
 			error = EPERM;